An example that Elein put up yesterday:
http://archives.postgresql.org/pgsql-general/2005-04/msg01384.php
caused me to realize that type output functions that depend on
additional arguments to determine what they are dealing with are
fundamentally security holes. It is trivial to crash 8.0's
On Sat, Apr 30, 2005 at 04:17:59PM -0400, Tom Lane wrote:
An example that Elein put up yesterday:
http://archives.postgresql.org/pgsql-general/2005-04/msg01384.php
caused me to realize that type output functions that depend on
additional arguments to determine what they are dealing with are
[EMAIL PROTECTED] (elein) writes:
On Sat, Apr 30, 2005 at 04:17:59PM -0400, Tom Lane wrote:
It is trivial to crash 8.0's record_out
by lying to it about the rowtype of its first argument.
Is it not as trivial to crash it if one passes bad data into it?
Why is the oid arg worse than the data
On Sat, 2005-04-30 at 16:17 -0400, Tom Lane wrote:
An example that Elein put up yesterday:
http://archives.postgresql.org/pgsql-general/2005-04/msg01384.php
caused me to realize that type output functions that depend on
additional arguments to determine what they are dealing with are
On Sat, Apr 30, 2005 at 05:31:28PM -0400, Tom Lane wrote:
[EMAIL PROTECTED] (elein) writes:
On Sat, Apr 30, 2005 at 04:17:59PM -0400, Tom Lane wrote:
It is trivial to crash 8.0's record_out
by lying to it about the rowtype of its first argument.
Is it not as trivial to crash it if one
